Course Outline

Summary of Information System Security

• Summary of IT Security
• Confidentiality, integrity, and availability in Information Systems
• Define Security Principles
• Identifying legal and managerial matters for information security
• Classify professional philosophies
• Security Policy, Morals, Activities, and Approaches
• Understanding business needs

An Overview of Risk Management

• Classify risk management
• Threat modeling
• Integrate security risk discussions into the plan
• Awareness of the information security
• Supporting safety against risks
  • Retentive confidentiality, integrity, and obtainability security principles
  • Handling security policies and standards
  • Applying compliance
• Effective risk management
• Evaluating threats and vulnerabilities
• Achieving risk detection and control
• Understanding qualitative and quantitative analysis
• Business Continuity Management
  • Define Business Continuity Management Code
  • Business impact analysis
• Define Legal Events Monitoring
• Analysing intelligent property, obligation and law
• Define computer crime
• Define ethical behavior and compliance

Summary of Asset Security

• Organising information
• Supporting properties
• Possession controlling and maintain tenancy
• Protect privacy
• Describing data safety controls
• Managing launch needs
• Asset Identification, categorization and prioritisation
• Defensive data by treatment, patterns, classification, and storage
• Addressing privacy and PII  

An Overview of Security Engineering

• Understanding secure design principles
• Implement manufacturing processes
• Define security models
• Define Security abilities
• How to measure and diminish the vulnerabilities of security architectures
• Measure and lessen flaws in the mobile systems
• Measure and diminish vulnerabilities in the embedded devices and cyber-physical systems
• Define cryptography.
• Perceiving security models and frameworks
• An Overview of Information Security Triad and multi-level models
• Examining industry morals: ISO 27001/27002
• Calculating security model essential concepts
• Exploring system and component security concepts
• Understanding system design ideas, competencies, and boundaries
• What are mobile systems vulnerabilities?
• Defensive information by relating cryptography
• Identifying symmetric and asymmetric encryption systems
• Checking message integrity through hashing
• Cryptographic systems threats
• Protection of physical capitals
• Planning environments to resist intimidating threats
• Rejecting unauthorised access

Summary of Network Security and Communication

• Investigating Secure network works
• Planning and executing secure communication
• Prevent or decrease network spams

Access & Identify Management

• Logical and physical access to control properties
• Managing documentation and confirmation of devices
• Assimilate individuality as a service
• Assimilate third-party identity amenities
• Apply and attain authorization tools
• Avoid or ease access control attacks
• Manage the individuality and access provisioning lifecycle
• Managerial access to protect possessions
• Describing administrative, technical and physical controls
• Implementing centralised and decentralised methods
• Monitoring biometric and multi-factor verification
• Categorizing common dangers
• Studying cloud services and architecture

Security Assessment & Testing

• Plan and evaluate test plans
• Conduct and collect security control testing
• Reviewing and reporting test outputs
• Sympathetic flaws of security architectures
• Planning and showing security valuation methods
• Helping the role of testing and monitoring to the competence of security controls
• Distinctive detection and protection systems
• Showing logging and monitoring methods
• Distinctive roles of internal and external reviews
• Labelling secure account management

Security Operations

• Define inquiries
• Understand supplies for investigation types
• An Overview of Service resource protection methods
• An Overview of Conduct incident management
• Conducting logs and observing actions
• Understand the foundational security processes thoughts
• Understanding Function and sustain preventative events

Software Security Development

• How to use security in the software development lifecycle?
• How to use security controls in development environments?